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CLAIMS 

1. A method of authenticating a transaction initiated from a non- 
internet enabled device by a cardholder, the method comprising the 
steps of: 

submitting a purchase request message from the non- 
internet enabled device over a first nebvork to a mobile 
operator control means; 

converting the purchase request message to a format that is 
readable by a virtual cardholder control means; 

extracting a unique identifier from the purchase request 
message and matching it with a corresponding value stored 
in a remote database; 

extracting cardholder data stored in the remote database; 

sending an authentication request message to an Issuer 
access control means; 

sending a purchase authentication page from the Issuer 
access control means to the virtual cardholder control 
means; 

extracting displayable information and storing the purchase 
authentication page; 

prompting the cardholder to enter his or her credentials; 

converting the cardholder credentials to a format that is 
readable by the virtual cardholder control means; 
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parsing the stored purchase authentication page and 
recognizing the cardholder credential field(s); 

inserting the credentials Into the purchase authentication 
page; 

sending the populated purchase authentication page to the 
Issuer access control means; 

authenticating the cardholder credentials against an account 
holder database; and 

responding to the virtual cardholder control means with an 
authentication response message- 

2. The method of claim 1 , which includes the further steps of: 

forwarding the authentication response message to a 
Merchant control means; 

decoding and validating the authentication response; and 

generating an authorization request message and sending it 
to an Acquirer. 

3. The method of claim 1 , wherein the non-internet enabled device is 
selected from the group comprising: mobile telephones, landline 
telephones, Personal Digital Assistants (PDA's) and laptop 
computers. 

4. The method of claim 1 , wherein the technology used to submit a 
purchase request is taken from the group comprising: an Interactive 
Voice Response (IVR), Short message Services (SMS). SIM Toolkit 
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(STK). Unstructured Supplementary Services Data (USSD) and 
Wireless Application Protocol (WAP). 

5. The method of claim 1 , wherein the first network makes use of a 
plurality of wired and/or wireless network transport mechanisms to 
route the purchase request, the plurality of network transport 
mechanisms including GSM, CDMA, TDMA, GPRS, 3G, Bluetooth, 
Infrared, RFID and PSTN. 

6. The method of claim 1, wherein the cardholder credentials are 
selected from a group comprising a PIN, user ID and/or password, a 
biometric reading, a pseudo random number, a cryptogram, and a 
digital signature. 

7. A system for authenticating a transaction initiated from a non- 
internet enabled device by a cardholder, the system comprising: 

a mobile operator control means including formatting means 
for converting a purchase request message received from 
the non-internet enabled device; 

a first network for allowing the mobile operator control 
means to be in communication with the non-internet enabled 
device; 

a virtual cardholder control means for receiving the 
converted purchase request message from the mobile 
operator control means, the converted purchase request 
message being in a format that is readable by the virtual 
cardholder control means; 

an Issuer access control means for receiving an 
authentication request message from the virtual cardholder 
control means, the Issuer access control means being 
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arranged to generate and send a purchase authentication 
page from back to the virtual cardholder control means; 

storage means for storing the purchase authentication page; 

prompting means for prompting the cardholder to enter his or 
her credentials; 

converting means for converting the cardholder credentials 
to a format that is readable by the virtual cardholder control 
means; 

parsing means for parsing the stored purchase 
authentication page and recognizing the cardholder 
credential field(s); and 

populating means for populating the purchase authentication 
page with the credentials, with the virtual cardholder control 
means then being arranged to send the populated purchase 
authentication page to the Issuer access control means to 
enable the Issuer access control means to authenticate the 
cardholder credentials against an account holder database 
and to then respond to the virtual cardholder control means 
with an authentication response message. 

8. The system of claim 7, which further includes forwarding means for 
forwarding the authentication response message to a IVIerchant 
control means, which is arranged to decode and validate the 
authentication response and to then generate an authorization 
request message and send it to an Acquirer. 

9, The system of claim 7, wherein the non-internet enabled device is 
selected from the group comprising: mobile telephones, landline 
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telephones and Personal Digital Assistants (PDA's), laptop 
computers. 

10. The system of claim 7, wherein the technology used to submit a 
purchase request is taken from the group comprising: an Interactive 
Voice Response (IVR), Short message Services (SMS), SIM Toolkit 
(STK). Unstructured Supplementary Services Data (USSD) and 
Wireless Application Protocol (WAP). 

1 1 . The system of claim 7, wherein the first network makes use of a 
plurality of wired and/or wireless network transport mechanisms to 
route the purchase request, the plurality of network transport 
mechanisms including GSM, CDMA, TDMA, GPRS. 3G, Bluetooth. 
Infrared, RFID and PSTN. 

12. The system of claim 7. wherein the cardholder credentials are 
selected from a group comprising a PIN, user ID and/or password, a 
biometric reading, a pseudo random number, a cryptogram, and a 
digital signature. 

13. A method of authenticating a transaction initiated from a non- 
internet enabled device substantially as herein described and 
illustrated with reference to the attached drawings. 

14. A system for authenticating a transaction initiated from a non- 
internet enabled device substantially as herein described and 
illustrated with reference to the attached drawings 



